HydraXSS is a brand new XSS scanner. It crawl all the pages on the target website to find some user inputs and inject payloads automatically
- Exploit of Input field
- Automation of XSS injection
- Automatic Tool
Before running HydraXSS, make sure you install these following libraries :
- requests
- bs4
- selenium
- chromedriver
You can install them by typing this following command in your terminal :
pip3 install -r requirements.txt
Clone this repository to your local machine.
Open your terminal and navigate to the cloned repository.
Run the script by typing python3 hydraxss.py in your terminal.
Enter the url of the target website when prompted.
HydraXSS can be used to inspect and test the vulnerability of a website, this tool is fully automatic and can be run in the background, at this point you can do your other tasks and come back later to see the scanner results.
Execution on one page
demo_hydraxss.mp4
Execution on other pages
demo_hydraxss_2.mp4
Functionality
Output
